CVE-2008-6394
CS-Cart 1.3.5 and earlier is affected by a SQL injection vulnerability in core/user.php via the cs_cookies[customer_user_id] cookie parameter. Remote attackers could potentially execute arbitrary SQL commands. Affected component is the web application’s user handling logic; no patch/version detai...